Basic IT security for small companies

Cyber lock
Basic tips to keep things safe

Security breaches are surging. Small companies that are not protected are putting themselves at substantial risk, with many assuming that because they are a smaller business they are safe from attack.

This is untrue. According to a recent Government survey, cyber security threats have increased, with 87% of small businesses suffering a breach last year, compared with 76% the previous year.

Those that don't take adequate security measures can easily become a target. And the associated costs - often amounting to thousands of pounds - could wipe out your business entirely.

It starts with a strategy

Yet protecting your systems and data is easy; it starts with a strategy. This means determining the assets which need protecting and assessing how immediate the threat is to your business.

You must then decide who needs access to certain information. For example, it's likely that accounts and sales won't need access to the same data. Assigning access according to job titles means you can then prevent your accountant leaving the business with your sales data.

Education is also part of the security strategy; many breaches are caused by an internal member of staff's error. As such, employees must be taught to recognise phishing and social engineering attacks; how to identify rogue emails; and told to avoid clicking on unfamiliar links.

Basic solutions

As well as implementing a firewall and anti-virus software, basic security entails authentication, encryption for remote access and patch management.

If systems are not properly patched and configured, you are not completely protected. Small companies must therefore ensure that the software is still licensed: out of date software is a prime target. Security software is especially important; it's essentially useless when it's out of date.

Cloud is another option if you are looking for an easy way to manage your security. It has the ability to boost resilience as well as saving time. Cloud based solutions don't need software to install, making them a cheap and easy option for smaller firms. Fears about security are unfounded; reputable providers such as Dell can often protect your data better than you could on the premises.

Managing mobile devices

Your computers are not the only hardware that needs to be kept secure; small businesses are more likely to be using devices such as smartphones and tablets on a regular basis. As well as basic encryption, firms can deploy mobile device management (MDM) solutions that separate work from personal data on your portable hardware, as well as allowing the device to be wiped if it's lost or stolen.

However, in the wake of increasingly sophisticated attacks, it's impossible to mitigate the risks entirely, so it's advisable to plan for if things do go wrong. Adequate backup is essential, so the business can keep running if a small breach does occur.

With a strategy in place, starting to secure your business is not a costly process. If basic security measures are taken and software is up to date, you will be able to manage the risks and hopefully avoid a breach entirely